e9ded4218c04f8defcf12f0a03436c42_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9ded4218c04f8defcf12f0a03436c42_JaffaCakes118
Size

405KB
MD5

e9ded4218c04f8defcf12f0a03436c42
SHA1

f55746fc0d2d9bc5e60a37320bc6994fcd8c6413
SHA256

7dd33a1d775cb7795793f0ca98e9c8e092522d7318285f9cfeae65ac96f18a82
SHA512

37ba60135375b88a4b74a4b084bd2353cac016604c106878eb19af9958a943077c59ee644b06f7be03df17d9bc0b49fd1f495917b9fbb53d5149f848a94b8db1
SSDEEP

12288:YEolo5KMskVzJV9/y8RduvuZftjhjLurncAU6Krdb:YEolo5KMr/y8vumL0I6kdb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9ded4218c04f8defcf12f0a03436c42_JaffaCakes118

Files

e9ded4218c04f8defcf12f0a03436c42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

647b2d25b4821905b4195ff7a6455b54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

ASPack
Size: 512B - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ASPack
Size: 400KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE